Account Research
Read accounts, drawer snapshots, account context, source tracking, signal monitors, source gaps, and research runs.
/api/accounts, /api/accounts/{company_id}/research
Flick Docs
Connect Flick's workspace-scoped API and read-only MCP server to Claude Code, Codex, Claude.ai, ChatGPT.com, and other remote MCP clients.
Last verified: July 2, 2026.
| Surface | URL | Purpose |
|---|---|---|
| Agent onboarding | https://joinflick.co/mcp |
Public funnel for Claude Code, Codex, Claude.ai, Claude Desktop, and ChatGPT setup. |
| Direct API origin | https://api.joinflick.co/api/* |
Workspace-authenticated JSON API routes. |
| Browser API path | https://joinflick.co/api/* |
Same API, proxied from the public web app. |
| MCP server | https://api.joinflick.co/mcp |
Remote MCP JSON-RPC endpoint for AI clients. |
| MCP resource metadata | https://api.joinflick.co/.well-known/oauth-protected-resource/mcp |
Protected-resource metadata for remote MCP clients. Root alias: /.well-known/oauth-protected-resource. |
Local and non-production environments expose FastAPI's generated OpenAPI UI at
/api/docs, /api/redoc, and
/api/openapi.json. Production disables those generated docs.
Flick's production API uses Clerk-authenticated organizations, tenant mapping,
explicit workspace scope, and fail-closed authorization. API callers send
Authorization: Bearer <token>; the token must resolve to an
active organization and workspace before tenant-owned data is read or mutated.
Read accounts, drawer snapshots, account context, source tracking, signal monitors, source gaps, and research runs.
/api/accounts, /api/accounts/{company_id}/research
Launch people searches, review candidates, enrich possible people, and map approved people to role lanes.
/api/accounts/{company_id}/people-searches
List Plays, orchestrate drafts, add manual Plays, confirm annotations, and execute provider actions only after user confirmation.
/api/plays, /api/plays/orchestrate
Browser-facing API responses are safe projections: account IDs and names, source titles and URLs, snippets, retrieved dates, signal summaries, reviewed people, candidate review state, Play state, readiness states, and billing projections. They must not include raw provider bodies, raw CRM payloads, request headers, secrets, token values, encrypted credentials, or cross-tenant data.
Flick's public MCP server is read-only. It exposes persisted signal and Play context that Flick already compiled for the authenticated workspace. It does not run providers, compile graph state on demand, create Play drafts, mutate motion specs, or expose raw evidence payloads.
OAuth clients discover sign-in from the protected-resource metadata and the
WWW-Authenticate challenge on unauthenticated /mcp
requests. OAuth sign-in uses openid profile email public_metadata user:org:read.
Direct bearer-token integrations may use the stricter internal flick.*.read
tool scopes instead.
| Tool | OAuth scope | Bearer-token scope | What it returns |
|---|---|---|---|
flick_get_workspace_status |
user:org:read |
flick.context.read |
Workspace id, read-only status, tool count, and cache status. |
flick_list_accounts |
user:org:read |
flick.context.read |
Accounts with persisted safe signal projections. |
flick_get_account_signal_context |
user:org:read |
flick.context.read |
Safe account, signal, reviewed-people, Plays, cache, and snapshot metadata. |
flick_get_signal_evidence |
user:org:read |
flick.evidence.read |
Safe evidence references from the persisted evidence index. |
flick_list_reviewed_people |
user:org:read |
flick.people.read |
Reviewed people in the safe account context projection. |
flick_list_plays |
user:org:read |
flick.plays.read |
Persisted Play decisions and annotations. |
curl -s https://api.joinflick.co/mcp \
-H "Content-Type: application/json" \
-H "Authorization: Bearer $FLICK_MCP_TOKEN" \
-d '{"jsonrpc":"2.0","id":1,"method":"tools/list"}'
claude mcp add --transport http flick https://api.joinflick.co/mcp
claude mcp login flick
claude mcp list
For bearer-token setups, add the server with an authorization header or use environment-variable expansion in Claude Code's MCP config.
codex mcp add flick --url https://api.joinflick.co/mcp
codex mcp login flick
codex mcp list
[mcp_servers.flick]
url = "https://api.joinflick.co/mcp"
bearer_token_env_var = "FLICK_MCP_TOKEN"
claude.ai.Customize -> Connectors.+, choose Add custom connector, and name it Flick.https://api.joinflick.co/mcp as the connector URL.Settings -> Connectors -> Create.Flick.https://api.joinflick.co/mcp as the connector URL.+, choose More, select Flick, and ask for account signal context.| Symptom | Likely cause | Fix |
|---|---|---|
401 Authorization Bearer token is required |
Missing bearer token; the response should include WWW-Authenticate. |
Reconnect through OAuth or set FLICK_MCP_TOKEN. |
403 MCP scope ... is required |
Token lacks user:org:read or the exact internal tool scope. |
Re-authorize with the required OAuth scope or request updated workspace access. |
| Account context is empty. | No fresh persisted Play context snapshot for that account. | Run account research or source tracking in Flick, then retry. |
| Claude.ai or ChatGPT cannot connect. | The MCP endpoint is not reachable from vendor cloud infrastructure. | Use the public HTTPS URL, not localhost or a private VPN URL. |
Contact team@joinflick.co for workspace access.